<?php

require "include/bittorrent.php";
dbconn(false);
loggedinorreturn();
$HTMLOUT = "";
if ($CURUSER["class"] < UC_MODERATOR && $CURUSER['id'] != $betsadmin)
	stderr("错误", "权限不足");
$id = isset($_GET['id']) && is_valid_id($_GET['id']) ? $_GET['id'] : 0;
$res = sql_query("SELECT * FROM betgames WHERE id = " . sqlesc($id) . "") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) < 1)
	stderr("错误", "没有该ID的博彩开盘");
$res = mysql_fetch_array($res);
$message = $res["heading"];
$res1 = sql_query("SELECT * FROM bets WHERE gameid = " . sqlesc($id) . "") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res1) < 1)
	stderr("错误", "没有该ID的博彩开盘");
$bets = mysql_num_rows($res1);
$a = sql_query("SELECT * FROM `betlog` WHERE `msg` LIKE '%" . $message . "%'") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($a) < 1 || mysql_num_rows($a) > 1000)
	stderr("错误", "没有该日志");
$whoopsie = 0;
$log = mysql_num_rows($a);
if (isset($_GET["shite"]))
	$shite = 1;
else
	$shite = 0;
$res3 = sql_query("SELECT * FROM bets WHERE gameid = " . sqlesc($id) . "") or sqlerr(__FILE__, __LINE__);
$bets = mysql_num_rows($res3);
if ($log != $bets && $shite == 0) {
	stderr("错误", "操作记录与押注记录不匹配 " . htmlspecialchars($log) . " VS " . htmlspecialchars($bets) . " [url=bet_nullbet.php?id=" . $id . "&amp;shite=1]这样做也可以[/url]");
} else {
	$added = sqlesc(date("Y-m-d H:i:s"));
	while ($res3 = mysql_fetch_array($a)) {
		$uid = $res3['userid'];
		$points = $res3['bonus'];
		$HTMLOUT .="返还魔力值";
		sql_query("UPDATE users SET seedbonus = seedbonus - " . sqlesc($points) . " WHERE id =" . sqlesc($uid) . " LIMIT 1") or sqlerr(__FILE__, __LINE__);
		$subject = sqlesc("下注魔力值返还");
		$msg1 = sqlesc("由于错误或者竞猜提前结束，你获得了押注在 " . $message . " 上的 " . $points . " 魔力值.");
		sql_query("INSERT INTO messages (sender, receiver, added, msg, subject) VALUES (0, $uid, $added, $msg1, $subject)") or sqlerr(__FILE__, __LINE__);
		$msg2 = sqlesc("危险：" . $message . " <b>" . $points . "</b>");
		sql_query("INSERT INTO betlog (userid, msg, date, bonus) VALUES ($uid, $msg2, $added, '$points')") or sqlerr(__FILE__, __LINE__);
		$whoopsie -= $points;
	}
	sql_query("DELETE FROM betgames WHERE id =" . sqlesc($id) . "") or sqlerr(__FILE__, __LINE__);
	sql_query("DELETE FROM bets WHERE gameid = " . sqlesc($id) . "") or sqlerr(__FILE__, __LINE__);
	sql_query("DELETE FROM bets WHERE id = " . sqlesc($id) . "") or sqlerr(__FILE__, __LINE__);
	sql_query("DELETE FROM betoptions WHERE gameid = " . sqlesc($id) . "") or sqlerr(__FILE__, __LINE__);
	sql_query("DELETE FROM betlog WHERE msg LIKE '%" . $message . "%'") or sqlerr(__FILE__, __LINE__);
	stdhead("魔力值返还", false);
	print $HTMLOUT;
	stdfoot();
}